CPU Auslastung immer über 50%

jomos · 29.11.2009, 20:26

log.txt von schritt 3:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=cfa9b2a1cad65d40b8d8820521b08236
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-29 07:06:01
# local_time=2009-11-29 08:06:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode=512 16777215 100 0 695825 695825 0 0
# compatibility_mode=1024 16777215 100 0 1516071 1516071 0 0
# compatibility_mode=3588 16777213 100 93 1515444 34760599 0 0
# compatibility_mode=5893 16776574 100 85 11909732 11909732 0 0
# compatibility_mode=8192 67108863 100 0 3934 3934 0 0
# scanned=217120
# found=0
# cleaned=0
# scan_time=17502

Larusso · 29.11.2009, 20:50

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

jomos · 29.11.2009, 21:58

ah moment habe den letzten eintrag nicht gelesen...
so hier nun OTL.txt Teil 1

Code:

ATTFilter

OTL logfile created on: 29.11.2009 22:08:22 - Run 3
OTL by OldTimer - Version 3.1.11.0     Folder = C:\Users\mnk\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,82% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,50 Gb Total Space | 137,32 Gb Free Space | 48,10% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 116,30 Gb Free Space | 39,02% Space Free | Partition Type: NTFS
Drive E: | 12,58 Gb Total Space | 11,93 Gb Free Space | 94,79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 59,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MNK-LAPTOP
Current User Name: mnk
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\mnk\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\mnk\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL2\8.4\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe ()
PRC - C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe (Lexmark International, Inc.)
PRC - C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe (Lexmark International, Inc.)
PRC - C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe (Lexmark International, Inc.)
PRC - C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe (Lexmark International, Inc.)
PRC - C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\mnk\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas64-v2_000\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA)
MOD - C:\Windows\SysWOW64\msasn1.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntdll.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\xmllite.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\Wldap32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winmm.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\vssapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\usp10.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\vsstrace.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\version.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\spp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\srclient.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\setupapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shlwapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\shdocvw.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\samlib.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\secur32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ole32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\propsys.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\oleaut32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\olepro32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\psapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\ntmarta.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msxml3.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msvcrt.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msimg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msctf.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\mpr.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\iertutil.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\fontext.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\fms.dll (Windows (R) Codename Longhorn DDK provider)
MOD - C:\Windows\SysWOW64\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\crypt32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\clbcatq.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\atl.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\advapi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\apphelp.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\winspool.drv (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\user32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\uxtheme.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\kernel32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\rpcrt4.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\lpk.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\gdi32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\imm32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.)
SRV:64bit: - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.)
SRV:64bit: - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (wudfsvc) -- C:\Windows\SysNative\WUDFSvc.dll (Microsoft Corporation)
SRV:64bit: - (wuauserv) -- C:\Windows\SysNative\wuaueng.dll (Microsoft Corporation)
SRV:64bit: - (WinRM) -- C:\Windows\SysNative\WsmSvc.dll (Microsoft Corporation)
SRV:64bit: - (wscsvc) -- C:\Windows\SysNative\wscsvc.dll (Microsoft Corporation)
SRV:64bit: - (WPDBusEnum) -- C:\Windows\SysNative\wpdbusenum.dll (Microsoft Corporation)
SRV:64bit: - (WPCSvc) -- C:\Windows\SysNative\wpcsvc.dll (Microsoft Corporation)
SRV:64bit: - (eventlog) -- C:\Windows\SysNative\wevtsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wlansvc) -- C:\Windows\SysNative\wlansvc.dll (Microsoft Corporation)
SRV:64bit: - (stisvc) -- C:\Windows\SysNative\wiaservc.dll (Microsoft Corporation)
SRV:64bit: - (WinHttpAutoProxySvc) -- C:\Windows\SysNative\winhttp.dll (Microsoft Corporation)
SRV:64bit: - (W32Time) -- C:\Windows\SysNative\w32time.dll (Microsoft Corporation)
SRV:64bit: - (wcncsvc) -- C:\Windows\SysNative\wcncsvc.dll (Microsoft Corporation)
SRV:64bit: - (upnphost) -- C:\Windows\SysNative\upnphost.dll (Microsoft Corporation)
SRV:64bit: - (WebClient) -- C:\Windows\SysNative\WebClnt.dll (Microsoft Corporation)
SRV:64bit: - (Winmgmt) -- C:\Windows\SysNative\wbem\WMIsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wecsvc) -- C:\Windows\SysNative\wecsvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\wkssvc.dll (Microsoft Corporation)
SRV:64bit: - (WdiSystemHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation)
SRV:64bit: - (WdiServiceHost) -- C:\Windows\SysNative\wdi.dll (Microsoft Corporation)
SRV:64bit: - (wercplsupport) -- C:\Windows\SysNative\wercplsupport.dll (Microsoft Corporation)
SRV:64bit: - (WerSvc) -- C:\Windows\SysNative\wersvc.dll (Microsoft Corporation)
SRV:64bit: - (WcsPlugInService) -- C:\Windows\SysNative\WcsPlugInService.dll (Microsoft Corporation)
SRV:64bit: - (UxSms) -- C:\Windows\SysNative\uxsms.dll (Microsoft Corporation)
SRV:64bit: - (TermService) -- C:\Windows\SysNative\termsrv.dll (Microsoft Corporation)
SRV:64bit: - (PlugPlay) -- C:\Windows\SysNative\umpnpmgr.dll (Microsoft Corporation)
SRV:64bit: - (TapiSrv) -- C:\Windows\SysNative\tapisrv.dll (Microsoft Corporation)
SRV:64bit: - (TrkWks) -- C:\Windows\SysNative\trkwks.dll (Microsoft Corporation)
SRV:64bit: - (TabletInputService) -- C:\Windows\SysNative\TabSvc.dll (Microsoft Corporation)
SRV:64bit: - (TBS) -- C:\Windows\SysNative\tbssvc.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (SysMain) -- C:\Windows\SysNative\sysmain.dll (Microsoft Corporation)
SRV:64bit: - (swprv) -- C:\Windows\SysNative\swprv.dll (Microsoft Corporation)
SRV:64bit: - (ShellHWDetection) -- C:\Windows\SysNative\shsvcs.dll (Microsoft Corporation)
SRV:64bit: - (LanmanServer) -- C:\Windows\SysNative\srvsvc.dll (Microsoft Corporation)
SRV:64bit: - (SSDPSRV) -- C:\Windows\SysNative\ssdpsrv.dll (Microsoft Corporation)
SRV:64bit: - (SessionEnv) -- C:\Windows\SysNative\SessEnv.dll (Microsoft Corporation)
SRV:64bit: - (SstpSvc) -- C:\Windows\SysNative\sstpsvc.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (pla) -- C:\Windows\SysNative\pla.dll (Microsoft Corporation)
SRV:64bit: - (Schedule) -- C:\Windows\SysNative\schedsvc.dll (Microsoft Corporation)
SRV:64bit: - (BITS) -- C:\Windows\SysNative\qmgr.dll (Microsoft Corporation)
SRV:64bit: - (RpcSs) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation)
SRV:64bit: - (DcomLaunch) -- C:\Windows\SysNative\rpcss.dll (Microsoft Corporation)
SRV:64bit: - (napagent) -- C:\Windows\SysNative\QAGENTRT.DLL (Microsoft Corporation)
SRV:64bit: - (p2psvc) -- C:\Windows\SysNative\p2psvc.dll (Microsoft Corporation)
SRV:64bit: - (RasMan) -- C:\Windows\SysNative\rasmans.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (QWAVE) -- C:\Windows\SysNative\qwave.dll (Microsoft Corporation)
SRV:64bit: - (ProfSvc) -- C:\Windows\SysNative\profsvc.dll (Microsoft Corporation)
SRV:64bit: - (SCardSvr) -- C:\Windows\SysNative\SCardSvr.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (PcaSvc) -- C:\Windows\SysNative\pcasvc.dll (Microsoft Corporation)
SRV:64bit: - (SDRSVC) -- C:\Windows\SysNative\sdrsvc.dll (Microsoft Corporation)
SRV:64bit: - (RemoteRegistry) -- C:\Windows\SysNative\regsvc.dll (Microsoft Corporation)
SRV:64bit: - (RasAuto) -- C:\Windows\SysNative\rasauto.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (SENS) -- C:\Windows\SysNative\Sens.dll (Microsoft Corporation)
SRV:64bit: - (seclogon) -- C:\Windows\SysNative\seclogon.dll (Microsoft Corporation)
SRV:64bit: - (nsi) -- C:\Windows\SysNative\nsisvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofm.dll (Microsoft Corporation)
SRV:64bit: - (Netman) -- C:\Windows\SysNative\netman.dll (Microsoft Corporation)
SRV:64bit: - (NlaSvc) -- C:\Windows\SysNative\nlasvc.dll (Microsoft Corporation)
SRV:64bit: - (KtmRm) -- C:\Windows\SysNative\msdtckrm.dll (Microsoft Corporation)
SRV:64bit: - (MpsSvc) -- C:\Windows\SysNative\MPSSVC.dll (Microsoft Corporation)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV:64bit: - (THREADORDER) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
SRV:64bit: - (MMCSS) -- C:\Windows\SysNative\mmcss.dll (Microsoft Corporation)
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (lltdsvc) -- C:\Windows\SysNative\lltdsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (lmhosts) -- C:\Windows\SysNative\lmhsvc.dll (Microsoft Corporation)
SRV:64bit: - (hkmsvc) -- C:\Windows\SysNative\KMSVC.DLL (Microsoft Corporation)
SRV:64bit: - (MSiSCSI) -- C:\Windows\SysNative\iscsiexe.dll (Microsoft Corporation)
SRV:64bit: - (iphlpsvc) -- C:\Windows\SysNative\iphlpsvc.dll (Microsoft Corporation)
SRV:64bit: - (PolicyAgent) -- C:\Windows\SysNative\IPSECSVC.DLL (Microsoft Corporation)
SRV:64bit: - (SharedAccess) -- C:\Windows\SysNative\ipnathlp.dll (Microsoft Corporation)
SRV:64bit: - (IPBusEnum) -- C:\Windows\SysNative\IPBusEnum.dll (Microsoft Corporation)
SRV:64bit: - (IKEEXT) -- C:\Windows\SysNative\IKEEXT.DLL (Microsoft Corporation)
SRV:64bit: - (hidserv) -- C:\Windows\SysNative\hidserv.dll (Microsoft Corporation)
SRV:64bit: - (gpsvc) -- C:\Windows\SysNative\gpsvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (FDResPub) -- C:\Windows\SysNative\FDResPub.dll (Microsoft Corporation)
SRV:64bit: - (fdPHost) -- C:\Windows\SysNative\fdPHost.dll (Microsoft Corporation)
SRV:64bit: - (EventSystem) -- C:\Windows\SysNative\es.dll (Microsoft Corporation)
SRV:64bit: - (EapHost) -- C:\Windows\SysNative\eapsvc.dll (Microsoft Corporation)
SRV:64bit: - (dot3svc) -- C:\Windows\SysNative\dot3svc.dll (Microsoft Corporation)
SRV:64bit: - (Dnscache) -- C:\Windows\SysNative\dnsrslvr.dll (Microsoft Corporation)
SRV:64bit: - (DPS) -- C:\Windows\SysNative\dps.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CryptSvc) -- C:\Windows\SysNative\cryptsvc.dll (Microsoft Corporation)
SRV:64bit: - (SCPolicySvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
SRV:64bit: - (CertPropSvc) -- C:\Windows\SysNative\certprop.dll (Microsoft Corporation)
SRV:64bit: - (Browser) -- C:\Windows\SysNative\browser.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BFE) -- C:\Windows\SysNative\BFE.DLL (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AudioSrv) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\audiosrv.dll (Microsoft Corporation)
SRV:64bit: - (AeLookupSvc) -- C:\Windows\SysNative\aelupsvc.dll (Microsoft Corporation)
SRV:64bit: - (Appinfo) -- C:\Windows\SysNative\appinfo.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (wmiApSrv) -- C:\Windows\SysNative\wbem\WmiApSrv.exe (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (VSS) -- C:\Windows\SysNative\VSSVC.exe (Microsoft Corporation)

jomos · 29.11.2009, 22:00

OTL.txt Teil 2

Code:

ATTFilter

SRV:64bit: - (vds) -- C:\Windows\SysNative\vds.exe (Microsoft Corporation)
SRV:64bit: - (UI0Detect) -- C:\Windows\SysNative\UI0Detect.exe (Microsoft Corporation)
SRV:64bit: - (Spooler) -- C:\Windows\SysNative\spoolsv.exe (Microsoft Corporation)
SRV:64bit: - (SNMPTRAP) -- C:\Windows\SysNative\snmptrap.exe (Microsoft Corporation)
SRV:64bit: - (WSearch) -- C:\Windows\SysNative\SearchIndexer.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (MSDTC) -- C:\Windows\SysNative\msdtc.exe (Microsoft Corporation)
SRV:64bit: - (msiserver) -- C:\Windows\SysNative\msiexec.exe (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (SamSs) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (ProtectedStorage) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\lsass.exe (Microsoft Corporation)
SRV:64bit: - (RpcLocator) -- C:\Windows\SysNative\Locator.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (COMSysApp) -- C:\Windows\SysNative\dllhost.exe (Microsoft Corporation)
SRV:64bit: - (ALG) -- C:\Windows\SysNative\alg.exe (Microsoft Corporation)
SRV:64bit: - (nvsvc) -- C:\Windows\SysNative\nvvsvc.exe (NVIDIA Corporation)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avg9emc) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (scan) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 04:20:14 | 00,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 04:20:14 | 00,000,000 | ---D | M]
SRV - (TrustedInstaller) -- C:\Windows\servicing\TrustedInstaller.exe (Microsoft Corporation)
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (WinRM) Windows-Remoteverwaltung (WS-Verwaltung) -- C:\Windows\SysWOW64\WsmSvc.dll (Microsoft Corporation)
SRV - (WPCSvc) -- C:\Windows\SysWOW64\wpcsvc.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- C:\Windows\SysWOW64\winhttp.dll (Microsoft Corporation)
SRV - (wcncsvc) -- C:\Windows\SysWOW64\wcncsvc.dll (Microsoft Corporation)
SRV - (WebClient) -- C:\Windows\SysWOW64\WebClnt.dll (Microsoft Corporation)
SRV - (WdiSystemHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation)
SRV - (WdiServiceHost) -- C:\Windows\SysWOW64\wdi.dll (Microsoft Corporation)
SRV - (WcsPlugInService) -- C:\Windows\SysWOW64\WcsPlugInService.dll (Microsoft Corporation)
SRV - (upnphost) -- C:\Windows\SysWOW64\upnphost.dll (Microsoft Corporation)
SRV - (TapiSrv) -- C:\Windows\SysWOW64\tapisrv.dll (Microsoft Corporation)
SRV - (ShellHWDetection) -- C:\Windows\SysWOW64\shsvcs.dll (Microsoft Corporation)
SRV - (SessionEnv) -- C:\Windows\SysWOW64\SessEnv.dll (Microsoft Corporation)
SRV - (SENS) -- C:\Windows\SysWOW64\Sens.dll (Microsoft Corporation)
SRV - (pla) -- C:\Windows\SysWOW64\pla.dll (Microsoft Corporation)
SRV - (QWAVE) -- C:\Windows\SysWOW64\qwave.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (netprofm) -- C:\Windows\SysWOW64\netprofm.dll (Microsoft Corporation)
SRV - (Netlogon) -- C:\Windows\SysWOW64\netlogon.dll (Microsoft Corporation)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (KeyIso) -- C:\Windows\SysWOW64\keyiso.dll (Microsoft Corporation)
SRV - (hidserv) -- C:\Windows\SysWOW64\hidserv.dll (Microsoft Corporation)
SRV - (EventSystem) -- C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (CryptSvc) -- C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
SRV - (WSearch) -- C:\Windows\SysWow64\SearchIndexer.exe (Microsoft Corporation)
SRV - (PerfHost) -- C:\Windows\SysWOW64\perfhost.exe (Microsoft Corporation)
SRV - (msiserver) -- C:\Windows\SysWow64\msiexec.exe (Microsoft Corporation)
SRV - (COMSysApp) -- C:\Windows\SysWow64\dllhost.exe (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (postgresql-8.4) -- C:\Program Files (x86)\PostgreSQL2\8.4\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (gupdate1c9cddcfc110e0) Google Update Service (gupdate1c9cddcfc110e0) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (Com4QLBEx) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (odserv) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Norton Internet Security) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (Symantec Corporation)
SRV - (hpqwmiex) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (pgsql-8.3) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe ()
SRV - (HP Health Check Service) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
SRV - (LightScribeService) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (UPnPService) -- C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (ose) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (IDriverT) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (BDFM) -- C:\Windows\SysNative\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (DXGKrnl) -- C:\Windows\SysNative\drivers\dxgkrnl.sys (Microsoft Corporation)
DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV:64bit: - (CLFS) Gemeinsames Protokoll (CLFS) -- C:\Windows\SysNative\clfs.sys (Microsoft Corporation)
DRV:64bit: - (Compbatt) -- C:\Windows\SysNative\drivers\compbatt.sys (Microsoft Corporation)
DRV:64bit: - (cmdide) -- C:\Windows\SysNative\drivers\cmdide.sys (CMD Technology, Inc.)
DRV:64bit: - (adp94xx) -- C:\Windows\SysNative\drivers\adp94xx.sys (Adaptec, Inc.)
DRV:64bit: - (adpahci) -- C:\Windows\SysNative\drivers\adpahci.sys (Adaptec, Inc.)
DRV:64bit: - (ACPI) -- C:\Windows\SysNative\drivers\acpi.sys (Microsoft Corporation)
DRV:64bit: - (adpu320) -- C:\Windows\SysNative\drivers\adpu320.sys (Adaptec, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (arcsas) -- C:\Windows\SysNative\drivers\arcsas.sys (Adaptec, Inc.)
DRV:64bit: - (arc) -- C:\Windows\SysNative\drivers\arc.sys (Adaptec, Inc.)
DRV:64bit: - (agp440) -- C:\Windows\SysNative\drivers\AGP440.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atapi) -- C:\Windows\SysNative\drivers\atapi.sys (Microsoft Corporation)
DRV:64bit: - (amdide) -- C:\Windows\SysNative\drivers\amdide.sys (Microsoft Corporation)
DRV:64bit: - (aliide) -- C:\Windows\SysNative\drivers\aliide.sys (Acer Laboratories Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\drivers\ntfs.sys (Microsoft Corporation)
DRV:64bit: - (NDIS) -- C:\Windows\SysNative\drivers\ndis.sys (Microsoft Corporation)
DRV:64bit: - (iScsiPrt) -- C:\Windows\SysNative\drivers\msiscsi.sys (Microsoft Corporation)
DRV:64bit: - (mpio) -- C:\Windows\SysNative\drivers\mpio.sys (Microsoft Corporation)
DRV:64bit: - (nvraid) -- C:\Windows\SysNative\drivers\nvraid.sys (NVIDIA Corporation)
DRV:64bit: - (msdsm) -- C:\Windows\SysNative\drivers\msdsm.sys (Microsoft Corporation)
DRV:64bit: - (mountmgr) -- C:\Windows\SysNative\drivers\mountmgr.sys (Microsoft Corporation)
DRV:64bit: - (Mup) -- C:\Windows\SysNative\drivers\mup.sys (Microsoft Corporation)
DRV:64bit: - (mouclass) -- C:\Windows\SysNative\drivers\mouclass.sys (Microsoft Corporation)
DRV:64bit: - (mssmbios) -- C:\Windows\SysNative\drivers\mssmbios.sys (Microsoft Corporation)
DRV:64bit: - (msahci) -- C:\Windows\SysNative\drivers\msahci.sys (Microsoft Corporation)
DRV:64bit: - (msisadrv) -- C:\Windows\SysNative\drivers\msisadrv.sys (Microsoft Corporation)
DRV:64bit: - (MsRPC) -- C:\Windows\SysNative\drivers\msrpc.sys (Microsoft Corporation)
DRV:64bit: - (nv_agp) -- C:\Windows\SysNative\drivers\NV_AGP.SYS (Microsoft Corporation)
DRV:64bit: - (nfrd960) -- C:\Windows\SysNative\drivers\nfrd960.sys (IBM Corporation)
DRV:64bit: - (iaStorV) -- C:\Windows\SysNative\drivers\iaStorV.sys (Intel Corporation)
DRV:64bit: - (MegaSR) -- C:\Windows\SysNative\drivers\MegaSR.sys (LSI Corporation, Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SCSI) -- C:\Windows\SysNative\drivers\lsi_scsi.sys (LSI Corporation)
DRV:64bit: - (LSI_FC) -- C:\Windows\SysNative\drivers\lsi_fc.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS) -- C:\Windows\SysNative\drivers\lsi_sas.sys (LSI Corporation)
DRV:64bit: - (KSecDD) -- C:\Windows\SysNative\drivers\ksecdd.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (kbdclass) -- C:\Windows\SysNative\drivers\kbdclass.sys (Microsoft Corporation)
DRV:64bit: - (iirsp) -- C:\Windows\SysNative\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV:64bit: - (megasas) -- C:\Windows\SysNative\drivers\megasas.sys (LSI Corporation)
DRV:64bit: - (isapnp) -- C:\Windows\SysNative\drivers\isapnp.sys (Microsoft Corporation)
DRV:64bit: - (intelide) -- C:\Windows\SysNative\drivers\intelide.sys (Microsoft Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (elxstor) -- C:\Windows\SysNative\drivers\elxstor.sys (Emulex)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Disk) -- C:\Windows\SysNative\drivers\disk.sys (Microsoft Corporation)
DRV:64bit: - (FileInfo) -- C:\Windows\SysNative\drivers\fileinfo.sys (Microsoft Corporation)
DRV:64bit: - (gagp30kx) -- C:\Windows\SysNative\drivers\GAGP30KX.SYS (Microsoft Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (FltMgr) -- C:\Windows\SysNative\drivers\fltMgr.sys (Microsoft Corporation)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (TCPIP6) -- C:\Windows\SysNative\drivers\tcpip.sys (Microsoft Corporation)
DRV:64bit: - (Tcpip) -- C:\Windows\SysNative\drivers\tcpip.sys (Microsoft Corporation)
DRV:64bit: - (Wdf01000) -- C:\Windows\SysNative\drivers\Wdf01000.sys (Microsoft Corporation)
DRV:64bit: - (volmgrx) -- C:\Windows\SysNative\drivers\volmgrx.sys (Microsoft Corporation)
DRV:64bit: - (volsnap) -- C:\Windows\SysNative\drivers\volsnap.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vsmraid) -- C:\Windows\SysNative\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV:64bit: - (volmgr) -- C:\Windows\SysNative\drivers\volmgr.sys (Microsoft Corporation)
DRV:64bit: - (uliagpkx) -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS (Microsoft Corporation)
DRV:64bit: - (uagp35) -- C:\Windows\SysNative\drivers\UAGP35.SYS (Microsoft Corporation)
DRV:64bit: - (TermDD) -- C:\Windows\SysNative\drivers\termdd.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Wd) -- C:\Windows\SysNative\drivers\wd.sys (Microsoft Corporation)
DRV:64bit: - (spldr) -- C:\Windows\SysNative\drivers\spldr.sys (Microsoft Corporation)
DRV:64bit: - (viaide) -- C:\Windows\SysNative\drivers\viaide.sys (VIA Technologies, Inc.)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\drivers\swenum.sys (Microsoft Corporation)
DRV:64bit: - (ql2300) -- C:\Windows\SysNative\drivers\ql2300.sys (QLogic Corporation)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (SiSRaid4) -- C:\Windows\SysNative\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV:64bit: - (partmgr) -- C:\Windows\SysNative\drivers\partmgr.sys (Microsoft Corporation)
DRV:64bit: - (pcmcia) -- C:\Windows\SysNative\drivers\pcmcia.sys (Microsoft Corporation)
DRV:64bit: - (pci) -- C:\Windows\SysNative\drivers\pci.sys (Microsoft Corporation)
DRV:64bit: - (nvstor) -- C:\Windows\SysNative\drivers\nvstor.sys (NVIDIA Corporation)
DRV:64bit: - (ql40xx) -- C:\Windows\SysNative\drivers\ql40xx.sys (QLogic Corporation)
DRV:64bit: - (sbp2port) -- C:\Windows\SysNative\drivers\sbp2port.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (SiSRaid2) -- C:\Windows\SysNative\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (pciide) -- C:\Windows\SysNative\drivers\pciide.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\SysNative\drivers\BrSerId.sys (Brother Industries Ltd.)
DRV:64bit: - (PEAUTH) -- C:\Windows\SysNative\drivers\PEAuth.sys (Microsoft Corporation)
DRV:64bit: - (usbprint) -- C:\Windows\SysNative\drivers\usbprint.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPWD) -- C:\Windows\SysNative\drivers\rdpwd.sys (Microsoft Corporation)
DRV:64bit: - (tssecsrv) -- C:\Windows\SysNative\drivers\tssecsrv.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RDPENCDD) -- C:\Windows\SysNative\drivers\RDPENCDD.sys (Microsoft Corporation)
DRV:64bit: - (RDPCDD) -- C:\Windows\SysNative\drivers\RDPCDD.sys (Microsoft Corporation)
DRV:64bit: - (TDTCP) -- C:\Windows\SysNative\drivers\tdtcp.sys (Microsoft Corporation)
DRV:64bit: - (TDPIPE) -- C:\Windows\SysNative\drivers\tdpipe.sys (Microsoft Corporation)
DRV:64bit: - (Modem) -- C:\Windows\SysNative\drivers\modem.sys (Microsoft Corporation)
DRV:64bit: - (ws2ifsl) -- C:\Windows\SysNative\drivers\ws2ifsl.sys (Microsoft Corporation)
DRV:64bit: - (RasSstp) WAN-Miniport (SSTP) -- C:\Windows\SysNative\drivers\rassstp.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (Wanarpv6) -- C:\Windows\SysNative\drivers\wanarp.sys (Microsoft Corporation)
DRV:64bit: - (WANARP) -- C:\Windows\SysNative\drivers\wanarp.sys (Microsoft Corporation)
DRV:64bit: - (PptpMiniport) WAN-Miniport (PPTP) -- C:\Windows\SysNative\drivers\raspptp.sys (Microsoft Corporation)
DRV:64bit: - (RasPppoe) -- C:\Windows\SysNative\drivers\raspppoe.sys (Microsoft Corporation)
DRV:64bit: - (NdisWan) -- C:\Windows\SysNative\drivers\ndiswan.sys (Microsoft Corporation)
DRV:64bit: - (AsyncMac) -- C:\Windows\SysNative\drivers\asyncmac.sys (Microsoft Corporation)
DRV:64bit: - (Rasl2tp) WAN-Miniport (L2TP) -- C:\Windows\SysNative\drivers\rasl2tp.sys (Microsoft Corporation)
DRV:64bit: - (RasAcd) -- C:\Windows\SysNative\drivers\rasacd.sys (Microsoft Corporation)

jomos · 29.11.2009, 22:02

OTL.txt Teil 3

Code:

ATTFilter

DRV:64bit: - (NDProxy) -- C:\Windows\SysNative\drivers\ndproxy.sys (Microsoft Corporation)
DRV:64bit: - (IpFilterDriver) -- C:\Windows\SysNative\drivers\ipfltdrv.sys (Microsoft Corporation)
DRV:64bit: - (IPNAT) -- C:\Windows\SysNative\drivers\ipnat.sys (Microsoft Corporation)
DRV:64bit: - (NdisTapi) -- C:\Windows\SysNative\drivers\ndistapi.sys (Microsoft Corporation)
DRV:64bit: - (tcpipreg) -- C:\Windows\SysNative\drivers\tcpipreg.sys (Microsoft Corporation)
DRV:64bit: - (QWAVEdrv) -- C:\Windows\SysNative\drivers\qwavedrv.sys (Microsoft Corporation)
DRV:64bit: - (Psched) -- C:\Windows\SysNative\drivers\pacer.sys (Microsoft Corporation)
DRV:64bit: - (tunnel) -- C:\Windows\SysNative\drivers\tunnel.sys (Microsoft Corporation)
DRV:64bit: - (NetBIOS) -- C:\Windows\SysNative\drivers\netbios.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (Ndisuio) -- C:\Windows\SysNative\drivers\ndisuio.sys (Microsoft Corporation)
DRV:64bit: - (Smb) Nachrichtenorientiertes TCP/IP- und TCP/IPv6-Protokoll (SMB-Sitzung) -- C:\Windows\SysNative\drivers\smb.sys (Microsoft Corporation)
DRV:64bit: - (IRENUM) -- C:\Windows\SysNative\drivers\irenum.sys (Microsoft Corporation)
DRV:64bit: - (rspndr) -- C:\Windows\SysNative\drivers\rspndr.sys (Microsoft Corporation)
DRV:64bit: - (lltdio) -- C:\Windows\SysNative\drivers\lltdio.sys (Microsoft Corporation)
DRV:64bit: - (mpsdrv) -- C:\Windows\SysNative\drivers\mpsdrv.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (NativeWifiP) -- C:\Windows\SysNative\drivers\nwifi.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (usbhub) -- C:\Windows\SysNative\drivers\usbhub.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB-Videogerät (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth-Gerät (PAN) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth-Gerät (RFCOMM-Protokoll-TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (umbus) -- C:\Windows\SysNative\drivers\umbus.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)
DRV:64bit: - (HidBth) -- C:\Windows\SysNative\drivers\hidbth.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)
DRV:64bit: - (BTHMODEM) -- C:\Windows\SysNative\drivers\bthmodem.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbccgp) -- C:\Windows\SysNative\drivers\usbccgp.sys (Microsoft Corporation)
DRV:64bit: - (ohci1394) 1394 OHCI Compliant Host Controller (Legacy) -- C:\Windows\SysNative\drivers\ohci1394.sys (Microsoft Corporation)
DRV:64bit: - (usbcir) eHome Infrared Receiver (USBCIR) -- C:\Windows\SysNative\drivers\usbcir.sys (Microsoft Corporation)
DRV:64bit: - (USBSTOR) -- C:\Windows\SysNative\drivers\USBSTOR.SYS (Microsoft Corporation)
DRV:64bit: - (circlass) -- C:\Windows\SysNative\drivers\circlass.sys (Microsoft Corporation)
DRV:64bit: - (usbehci) -- C:\Windows\SysNative\drivers\usbehci.sys (Microsoft Corporation)
DRV:64bit: - (usbohci) -- C:\Windows\SysNative\drivers\usbohci.sys (Microsoft Corporation)
DRV:64bit: - (usbuhci) -- C:\Windows\SysNative\drivers\usbuhci.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (HidIr) -- C:\Windows\SysNative\drivers\hidir.sys (Microsoft Corporation)
DRV:64bit: - (HidUsb) -- C:\Windows\SysNative\drivers\hidusb.sys (Microsoft Corporation)
DRV:64bit: - (drmkaud) -- C:\Windows\SysNative\drivers\drmkaud.sys (Microsoft Corporation)
DRV:64bit: - (HDAudBus) -- C:\Windows\SysNative\drivers\hdaudbus.sys (Microsoft Corporation)
DRV:64bit: - (WUDFRd) -- C:\Windows\SysNative\drivers\WUDFRd.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (WacomPen) -- C:\Windows\SysNative\drivers\wacompen.sys (Microsoft Corporation)
DRV:64bit: - (sffp_mmc) -- C:\Windows\SysNative\drivers\sffp_mmc.sys (Microsoft Corporation)
DRV:64bit: - (sfloppy) -- C:\Windows\SysNative\drivers\sfloppy.sys (Microsoft Corporation)
DRV:64bit: - (sffp_sd) -- C:\Windows\SysNative\drivers\sffp_sd.sys (Microsoft Corporation)
DRV:64bit: - (sffdisk) -- C:\Windows\SysNative\drivers\sffdisk.sys (Microsoft Corporation)
DRV:64bit: - (fdc) -- C:\Windows\SysNative\drivers\fdc.sys (Microsoft Corporation)
DRV:64bit: - (flpydisk) -- C:\Windows\SysNative\drivers\flpydisk.sys (Microsoft Corporation)
DRV:64bit: - (Parport) -- C:\Windows\SysNative\drivers\parport.sys (Microsoft Corporation)
DRV:64bit: - (Serial) -- C:\Windows\SysNative\drivers\serial.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Serenum) -- C:\Windows\SysNative\drivers\serenum.sys (Microsoft Corporation)
DRV:64bit: - (kbdhid) -- C:\Windows\SysNative\drivers\kbdhid.sys (Microsoft Corporation)
DRV:64bit: - (mouhid) -- C:\Windows\SysNative\drivers\mouhid.sys (Microsoft Corporation)
DRV:64bit: - (sermouse) -- C:\Windows\SysNative\drivers\sermouse.sys (Microsoft Corporation)
DRV:64bit: - (ksthunk) -- C:\Windows\SysNative\drivers\ksthunk.sys (Microsoft Corporation)
DRV:64bit: - (MSKSSRV) -- C:\Windows\SysNative\drivers\mskssrv.sys (Microsoft Corporation)
DRV:64bit: - (MSTEE) -- C:\Windows\SysNative\drivers\mstee.sys (Microsoft Corporation)
DRV:64bit: - (MSPCLOCK) -- C:\Windows\SysNative\drivers\mspclock.sys (Microsoft Corporation)
DRV:64bit: - (MSPQM) -- C:\Windows\SysNative\drivers\mspqm.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (IPMIDRV) -- C:\Windows\SysNative\drivers\IPMIDrv.sys (Microsoft Corporation)
DRV:64bit: - (monitor) -- C:\Windows\SysNative\drivers\monitor.sys (Microsoft Corporation)
DRV:64bit: - (VgaSave) -- C:\Windows\SysNative\drivers\vga.sys (Microsoft Corporation)
DRV:64bit: - (vga) -- C:\Windows\SysNative\drivers\vgapnp.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (blbdrive) -- C:\Windows\SysNative\drivers\blbdrive.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (ErrDev) -- C:\Windows\SysNative\drivers\errdev.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (WmiAcpi) -- C:\Windows\SysNative\drivers\wmiacpi.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (luafv) -- C:\Windows\SysNative\drivers\luafv.sys (Microsoft Corporation)
DRV:64bit: - (Filetrace) -- C:\Windows\SysNative\drivers\filetrace.sys (Microsoft Corporation)
DRV:64bit: - (srv) -- C:\Windows\SysNative\drivers\srv.sys (Microsoft Corporation)
DRV:64bit: - (srv2) -- C:\Windows\SysNative\drivers\srv2.sys (Microsoft Corporation)
DRV:64bit: - (srvnet) -- C:\Windows\SysNative\drivers\srvnet.sys (Microsoft Corporation)
DRV:64bit: - (rdbss) -- C:\Windows\SysNative\drivers\rdbss.sys (Microsoft Corporation)
DRV:64bit: - (mrxsmb10) -- C:\Windows\SysNative\drivers\mrxsmb10.sys (Microsoft Corporation)
DRV:64bit: - (mrxsmb20) -- C:\Windows\SysNative\drivers\mrxsmb20.sys (Microsoft Corporation)
DRV:64bit: - (mrxsmb) -- C:\Windows\SysNative\drivers\mrxsmb.sys (Microsoft Corporation)
DRV:64bit: - (MRxDAV) -- C:\Windows\SysNative\drivers\mrxdav.sys (Microsoft Corporation)
DRV:64bit: - (bowser) -- C:\Windows\SysNative\drivers\bowser.sys (Microsoft Corporation)
DRV:64bit: - (DfsC) -- C:\Windows\SysNative\drivers\dfsc.sys (Microsoft Corporation)
DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation)
DRV:64bit: - (fastfat) -- C:\Windows\SysNative\drivers\fastfat.sys (Microsoft Corporation)
DRV:64bit: - (exfat) -- C:\Windows\SysNative\drivers\exfat.sys (Microsoft Corporation)
DRV:64bit: - (HTTP) -- C:\Windows\SysNative\drivers\http.sys (Microsoft Corporation)
DRV:64bit: - (AFD) -- C:\Windows\SysNative\drivers\afd.sys (Microsoft Corporation)
DRV:64bit: - (NetBT) -- C:\Windows\SysNative\drivers\netbt.sys (Microsoft Corporation)
DRV:64bit: - (tdx) -- C:\Windows\SysNative\drivers\tdx.sys (Microsoft Corporation)
DRV:64bit: - (nsiproxy) -- C:\Windows\SysNative\drivers\nsiproxy.sys (Microsoft Corporation)
DRV:64bit: - (i8042prt) -- C:\Windows\SysNative\drivers\i8042prt.sys (Microsoft Corporation)
DRV:64bit: - (cdrom) -- C:\Windows\SysNative\drivers\cdrom.sys (Microsoft Corporation)
DRV:64bit: - (Npfs) -- C:\Windows\SysNative\drivers\npfs.sys (Microsoft Corporation)
DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation)
DRV:64bit: - (Msfs) -- C:\Windows\SysNative\drivers\msfs.sys (Microsoft Corporation)
DRV:64bit: - (Null) -- C:\Windows\SysNative\drivers\null.sys (Microsoft Corporation)
DRV:64bit: - (AmdK8) -- C:\Windows\SysNative\drivers\amdk8.sys (Microsoft Corporation)
DRV:64bit: - (intelppm) -- C:\Windows\SysNative\drivers\intelppm.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (Processor) -- C:\Windows\SysNative\drivers\processr.sys (Microsoft Corporation)
DRV:64bit: - (BrSerWdm) -- C:\Windows\SysNative\drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV:64bit: - (BrUsbMdm) -- C:\Windows\SysNative\drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV:64bit: - (BrUsbSer) -- C:\Windows\SysNative\drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV:64bit: - (BrFiltLo) -- C:\Windows\SysNative\drivers\BrFiltLo.sys (Brother Industries, Ltd.)
DRV:64bit: - (BrFiltUp) -- C:\Windows\SysNative\drivers\BrFiltUp.sys (Brother Industries, Ltd.)
DRV:64bit: - (secdrv) -- C:\Windows\SysNative\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SYMTDI) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symtdi.sys (Symantec Corporation)
DRV:64bit: - (SYMFW) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symfw.sys (Symantec Corporation)
DRV:64bit: - (SYMNDISV) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symndisv.sys (Symantec Corporation)
DRV:64bit: - (SYMREDRV) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symredrv.sys (Symantec Corporation)
DRV:64bit: - (SymIM) -- C:\Windows\SysNative\drivers\SymIMV.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SYMDNS) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\symdns.sys (Symantec Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\drivers\Rtlh64.sys (Realtek Corporation                                            )
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Corporation)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (mod7700) -- C:\Windows\SysNative\drivers\mod7700.sys (DiBcom SA)
DRV:64bit: - (MODRC) -- C:\Windows\SysNative\drivers\modrc.sys (DiBcom S.A.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (bdfwfpf) -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys (BitDefender LLC)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20080826.006\IDSVia64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (Cyberlink Corp.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "infokrieg.tv"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.11.12 03:20:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2009.11.12 03:06:32 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2009.11.26 21:18:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.11.26 21:33:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.11.15 20:44:18 | 00,000,000 | ---D | M]
 
[2009.11.12 03:31:17 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\mozilla\Extensions
[2009.05.05 17:36:04 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\mozilla\Firefox\Profiles\c1jh5jod.default\extensions
[2009.11.28 11:27:13 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.11.12 03:16:22 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009.10.19 18:59:44 | 00,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files (x86)\mozilla firefox\components\FFComm.dll
[2008.03.15 14:56:14 | 00,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 19:34:40 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2008.02.19 15:40:48 | 00,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2006.12.03 16:59:22 | 00,000,986 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2006.11.17 12:19:24 | 00,000,801 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [BitDefender Antiphishing Helper 32] C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEShow.exe (BitDefender S.R.L.)
O4:64bit: - HKLM..\Run: [lxbkbmgr.exe] C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe (Lexmark International, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

jomos · 29.11.2009, 22:04

OTL.txt Teil 4

Code:

ATTFilter

O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NSLauncher] C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PMCLoader] C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] D:\Games\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ANYCOM\Bluetooth-USB\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.13 21:39:50 | 00,000,070 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{3ce85d5d-cf2e-11de-8d3a-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{3ce85d5d-cf2e-11de-8d3a-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{db906eb5-cf37-11de-b210-00235a34af72}\Shell - "" = AutoRun
O33 - MountPoints2\{db906eb5-cf37-11de-b210-00235a34af72}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\{f5b2afbc-d043-11de-a407-00235a34af72}\Shell - "" = AutoRun
O33 - MountPoints2\{f5b2afbc-d043-11de-a407-00235a34af72}\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- [2008.03.13 19:33:06 | 00,323,584 | R--- | M] (Vodafone)
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

jomos · 29.11.2009, 22:05

OTL.txt Teil 5

Code:

ATTFilter

========== Files/Folders - Created Within 30 Days ==========
 
[2009.11.29 14:58:41 | 00,000,000 | ---D | C] -- C:\_OTL
[2009.11.29 14:55:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2009.11.29 14:54:58 | 00,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\mnk\erunt-setup.exe
[2009.11.27 21:56:28 | 00,532,992 | ---- | C] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
[2009.11.27 19:45:26 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\Malwarebytes
[2009.11.27 19:45:13 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.11.27 19:45:06 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.11.27 19:45:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.11.27 19:45:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\Programme\BitDefender
[2009.11.26 21:18:02 | 00,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2009.11.26 21:16:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BitDefender
[2009.11.26 00:54:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009.11.26 00:54:09 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009.11.25 13:18:08 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzres.dll
[2009.11.25 13:18:08 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2009.11.23 15:32:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PostgreSQL2
[2009.11.23 14:59:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PokerTracker 3
[2009.11.23 11:19:54 | 28,155,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MRT.exe
[2009.11.21 14:57:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009.11.20 18:30:57 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\CasinoOnNet
[2009.11.20 18:30:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CasinoOnNet
[2009.11.19 16:28:48 | 00,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2009.11.19 16:28:46 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2009.11.19 03:52:07 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Diagnostics
[2009.11.18 20:03:27 | 00,000,000 | ---D | C] -- C:\Programme\PlayReady
[2009.11.12 16:22:28 | 00,000,000 | ---D | C] -- C:\Users\mnk\Desktop\Studium
[2009.11.12 12:40:52 | 00,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009.11.12 12:40:52 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009.11.12 12:40:30 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009.11.12 12:12:25 | 09,272,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009.11.12 12:12:25 | 05,958,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009.11.12 12:11:53 | 14,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009.11.12 12:11:51 | 11,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009.11.12 12:11:48 | 01,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2009.11.12 12:11:48 | 01,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2009.11.12 12:11:47 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2009.11.12 12:11:47 | 02,613,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2009.11.12 12:11:47 | 00,982,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2009.11.12 12:11:47 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2009.11.12 12:11:47 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2009.11.12 12:11:47 | 00,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009.11.12 12:11:46 | 00,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2009.11.12 12:11:46 | 00,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009.11.12 12:11:46 | 00,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009.11.12 12:11:45 | 12,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009.11.12 12:11:45 | 12,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009.11.12 12:10:57 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009.11.12 12:10:57 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009.11.12 12:10:25 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009.11.12 12:10:25 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009.11.12 11:54:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2009.11.12 11:33:04 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Programs
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Recovery
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2009.11.12 11:08:14 | 00,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2009.11.12 03:02:08 | 00,000,000 | --SD | C] -- C:\Users\mnk\AppData\Roaming\Microsoft
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Videos
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Saved Games
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Pictures
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Music
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Links
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Favorites
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Downloads
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Documents
[2009.11.12 03:02:08 | 00,000,000 | R--D | C] -- C:\Users\mnk\Desktop
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Vorlagen
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\AppData\Local\Verlauf
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\AppData\Local\Temporary Internet Files
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Startmenü
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\SendTo
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Recent
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Netzwerkumgebung
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Lokale Einstellungen
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Documents\Eigene Videos
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Documents\Eigene Musik
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Eigene Dateien
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Documents\Eigene Bilder
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Druckumgebung
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Cookies
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\AppData\Local\Anwendungsdaten
[2009.11.12 03:02:08 | 00,000,000 | -HSD | C] -- C:\Users\mnk\Anwendungsdaten
[2009.11.12 03:02:08 | 00,000,000 | -H-D | C] -- C:\Users\mnk\AppData
[2009.11.12 03:02:08 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Temp
[2009.11.12 03:02:08 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Microsoft
[2009.11.12 03:02:08 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\Media Center Programs
[2009.11.12 02:59:15 | 00,000,000 | ---D | C] -- C:\Programme\IDT
[2009.11.12 02:59:14 | 00,562,688 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2009.11.12 02:59:14 | 00,439,808 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
[2009.11.12 02:59:14 | 00,155,648 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
[2009.11.12 02:59:14 | 00,076,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
[2009.11.12 02:59:14 | 00,058,880 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
[2009.11.12 02:59:13 | 10,760,704 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2009.11.12 02:59:13 | 02,869,248 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2009.11.12 02:59:13 | 00,441,344 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2009.11.12 02:59:12 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2009.11.12 02:58:40 | 00,000,000 | ---D | C] -- C:\Programme\Synaptics
[2009.11.12 02:56:38 | 02,112,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcplui.exe
[2009.11.12 02:56:38 | 01,097,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpluir.dll
[2009.11.12 02:56:38 | 00,410,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.cpl
[2009.11.12 02:56:37 | 00,501,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuninst.exe
[2009.11.12 02:54:17 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch
[2009.11.12 02:52:52 | 00,000,000 | ---D | C] -- C:\Windows\Panther
[2009.11.12 02:31:37 | 00,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2009.11.12 02:19:48 | 00,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2009.11.12 01:12:43 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\hpqLog
[2009.11.12 00:12:44 | 80,242,728 | ---- | C] (Microsoft Corp.) -- C:\Users\mnk\Desktop\Win7-HP-Retail-de-de-x64.exe
[2009.11.11 18:18:47 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Roaming\GetRightToGo
[2009.11.10 17:04:08 | 00,162,824 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdfm.sys
[2009.11.10 17:03:44 | 00,101,896 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdhv.sys
[2009.11.04 01:32:28 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\FullTiltPoker
[2009.11.04 01:31:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Full Tilt Poker
[2009.11.02 18:19:26 | 00,000,000 | ---D | C] -- C:\Users\mnk\AppData\Local\Microsoft Corporation
[2009.11.02 18:17:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2009.05.05 16:36:47 | 01,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkserv.dll
[2009.05.05 16:36:47 | 00,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkusb1.dll
[2009.05.05 16:36:47 | 00,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkhbn3.dll
[2009.05.05 16:36:47 | 00,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomc.dll
[2009.05.05 16:36:47 | 00,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpmui.dll
[2009.05.05 16:36:47 | 00,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbklmpm.dll
[2009.05.05 16:36:47 | 00,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkcomm.dll
[2009.05.05 16:36:47 | 00,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkinpa.dll
[2009.05.05 16:36:47 | 00,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkiesc.dll
[2009.05.05 16:36:47 | 00,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkprox.dll
[2009.05.05 16:36:47 | 00,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbkpplc.dll
 
========== Files - Modified Within 30 Days ==========
 
[2009.11.29 22:02:18 | 02,883,584 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT
[2009.11.29 21:20:00 | 00,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.11.29 21:20:00 | 00,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.11.29 15:08:52 | 00,009,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.29 15:08:52 | 00,009,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.29 15:03:35 | 00,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2009.11.29 15:03:32 | 00,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009.11.29 15:02:20 | 00,090,855 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009.11.29 15:01:30 | 00,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2009.11.29 15:00:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.11.29 15:00:23 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.11.29 15:00:15 | 31,952,36352 | -HS- | M] () -- C:\hiberfil.sys
[2009.11.29 14:59:11 | 02,824,353 | -H-- | M] () -- C:\Users\mnk\AppData\Local\IconCache.db
[2009.11.29 14:55:43 | 00,000,930 | ---- | M] () -- C:\Users\mnk\Desktop\NTREGOPT.lnk
[2009.11.29 14:55:42 | 00,000,911 | ---- | M] () -- C:\Users\mnk\Desktop\ERUNT.lnk
[2009.11.29 14:55:04 | 00,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\mnk\erunt-setup.exe
[2009.11.29 13:45:37 | 45,898,635 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009.11.29 13:45:11 | 00,106,123 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009.11.28 12:18:30 | 01,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.11.28 12:18:30 | 00,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2009.11.28 12:18:30 | 00,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.11.28 12:18:30 | 00,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2009.11.28 12:18:30 | 00,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.11.28 11:31:58 | 03,093,684 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\Cat.DB
[2009.11.27 21:55:50 | 00,532,992 | ---- | M] (OldTimer Tools) -- C:\Users\mnk\Desktop\OTL.exe
[2009.11.27 21:50:48 | 00,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2009.11.27 19:45:22 | 00,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.26 21:53:41 | 00,000,016 | ---- | M] () -- C:\Windows\SysNative\asdict.dat
[2009.11.26 21:53:41 | 00,000,004 | ---- | M] () -- C:\Windows\SysNative\aspdict-en.dat
[2009.11.26 21:53:41 | 00,000,000 | ---- | M] () -- C:\Windows\SysNative\ab_bl.sig
[2009.11.26 21:41:19 | 00,000,132 | ---- | M] () -- C:\Windows\SysNative\rezumatenoi.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcwords2.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcwords.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pcconf.ini
[2009.11.26 21:40:43 | 00,000,000 | ---- | M] () -- C:\pc_sign.slf
[2009.11.26 21:19:06 | 00,002,098 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009.11.26 12:44:35 | 00,090,855 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009.11.26 00:54:17 | 00,001,264 | ---- | M] () -- C:\Users\mnk\Desktop\Spybot - Search & Destroy.lnk
[2009.11.25 21:00:28 | 00,013,664 | ---- | M] () -- C:\Users\mnk\Desktop\winamp - Verknüpfung.lnk
[2009.11.23 14:59:46 | 00,004,985 | ---- | M] () -- C:\ProgramData\ojvzdisj.xda
[2009.11.23 14:59:29 | 00,001,075 | ---- | M] () -- C:\Users\mnk\Desktop\PokerTracker 3.lnk
[2009.11.21 14:57:34 | 00,002,099 | ---- | M] () -- C:\Users\mnk\Desktop\HijackThis.lnk
[2009.11.20 18:31:36 | 00,001,986 | ---- | M] () -- C:\Users\mnk\Desktop\Casino-On-Net.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2009.11.17 17:18:46 | 01,019,784 | ---- | M] () -- C:\Users\mnk\Desktop\royal plo2.PNG
[2009.11.17 17:16:20 | 00,000,000 | ---- | M] () -- C:\Users\mnk\Desktop\Neue Bitmap.bmp
[2009.11.15 20:44:17 | 00,001,148 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009.11.15 20:43:59 | 00,001,184 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009.11.15 20:43:39 | 00,001,617 | ---- | M] () -- C:\Users\mnk\Desktop\DivX Movies.lnk
[2009.11.14 15:18:33 | 00,101,328 | ---- | M] () -- C:\Users\mnk\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.11.14 15:17:15 | 00,385,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.11.12 11:54:23 | 00,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2009.11.12 11:08:25 | 00,000,020 | -HS- | M] () -- C:\Users\mnk\ntuser.ini
[2009.11.12 04:01:18 | 00,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf

jomos · 29.11.2009, 22:23

OTL.txt Teil 6

Code:

ATTFilter

[2009.11.12 04:01:18 | 00,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2009.11.12 03:47:54 | 00,022,960 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2009.11.12 03:02:11 | 00,524,288 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.11.12 03:02:11 | 00,524,288 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.11.12 03:02:11 | 00,065,536 | -HS- | M] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.11.12 03:01:35 | 00,001,345 | ---- | M] () -- C:\Users\mnk\Desktop\Media Center.lnk
[2009.11.12 02:58:43 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009.11.12 02:58:03 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009.11.12 02:52:42 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009.11.12 02:14:30 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 02:14:28 | 00,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 01:29:48 | 00,004,478 | ---- | M] () -- C:\Users\mnk\Desktop\Windows-Kompatibilitätsbericht.htm
[2009.11.12 01:19:14 | 00,002,608 | ---- | M] () -- C:\Windows\diagwrn.xml
[2009.11.12 01:19:14 | 00,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2009.11.12 01:14:41 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009.11.12 00:21:41 | 80,242,728 | ---- | M] (Microsoft Corp.) -- C:\Users\mnk\Desktop\Win7-HP-Retail-de-de-x64.exe
[2009.11.12 00:14:14 | 16,926,8602 | ---- | M] () -- C:\Users\mnk\Desktop\setup2.box
[2009.11.11 23:58:06 | 28,247,77272 | ---- | M] () -- C:\Users\mnk\Desktop\setup1.box
[2009.11.10 17:04:08 | 00,162,824 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdfm.sys
[2009.11.10 17:03:44 | 00,101,896 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\SysNative\drivers\bdhv.sys
[2009.11.10 14:51:58 | 00,077,847 | ---- | M] () -- C:\Users\mnk\Desktop\royal plo.JPG
[2009.11.10 14:24:35 | 00,470,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2009.11.05 10:06:00 | 28,155,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT.exe
[2009.11.04 01:31:08 | 00,001,603 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2009.11.02 19:24:53 | 00,021,022 | ---- | M] () -- C:\Users\mnk\kqoC0Z70rrb3jHkdWAdtPg.jpg
[2009.11.02 18:17:41 | 00,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
 
========== Files Created - No Company Name ==========
 
[2009.11.29 14:55:43 | 00,000,930 | ---- | C] () -- C:\Users\mnk\Desktop\NTREGOPT.lnk
[2009.11.29 14:55:42 | 00,000,911 | ---- | C] () -- C:\Users\mnk\Desktop\ERUNT.lnk
[2009.11.27 21:50:48 | 00,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2009.11.27 19:45:22 | 00,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.26 21:53:41 | 00,000,016 | ---- | C] () -- C:\Windows\SysNative\asdict.dat
[2009.11.26 21:53:41 | 00,000,004 | ---- | C] () -- C:\Windows\SysNative\aspdict-en.dat
[2009.11.26 21:53:41 | 00,000,000 | ---- | C] () -- C:\Windows\SysNative\ab_bl.sig
[2009.11.26 21:41:19 | 00,000,132 | ---- | C] () -- C:\Windows\SysNative\rezumatenoi.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcwords2.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcwords.dat
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pcconf.ini
[2009.11.26 21:40:43 | 00,000,000 | ---- | C] () -- C:\pc_sign.slf
[2009.11.26 21:19:06 | 00,002,098 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus 2010.lnk
[2009.11.26 00:54:17 | 00,001,264 | ---- | C] () -- C:\Users\mnk\Desktop\Spybot - Search & Destroy.lnk
[2009.11.25 21:00:28 | 00,013,664 | ---- | C] () -- C:\Users\mnk\Desktop\winamp - Verknüpfung.lnk
[2009.11.23 14:59:46 | 00,004,985 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009.11.23 14:59:29 | 00,001,075 | ---- | C] () -- C:\Users\mnk\Desktop\PokerTracker 3.lnk
[2009.11.21 14:57:18 | 00,002,099 | ---- | C] () -- C:\Users\mnk\Desktop\HijackThis.lnk
[2009.11.20 18:31:36 | 00,001,986 | ---- | C] () -- C:\Users\mnk\Desktop\Casino-On-Net.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2009.11.19 16:28:51 | 00,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2009.11.17 17:18:46 | 01,019,784 | ---- | C] () -- C:\Users\mnk\Desktop\royal plo2.PNG
[2009.11.17 17:16:20 | 00,000,000 | ---- | C] () -- C:\Users\mnk\Desktop\Neue Bitmap.bmp
[2009.11.15 20:44:17 | 00,001,148 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2009.11.15 20:43:59 | 00,001,184 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2009.11.12 22:29:51 | 00,090,855 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.11.12 20:17:13 | 00,090,855 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.11.12 11:54:23 | 00,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2009.11.12 11:09:25 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\QSwitch.txt
[2009.11.12 11:09:25 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\DSwitch.txt
[2009.11.12 11:09:24 | 00,000,000 | ---- | C] () -- C:\Users\mnk\AppData\Local\AtStart.txt
[2009.11.12 11:08:25 | 00,000,020 | -HS- | C] () -- C:\Users\mnk\ntuser.ini
[2009.11.12 04:03:05 | 31,952,36352 | -HS- | C] () -- C:\hiberfil.sys
[2009.11.12 03:47:54 | 00,022,960 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat
[2009.11.12 03:02:09 | 00,524,288 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2009.11.12 03:02:09 | 00,524,288 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2009.11.12 03:02:08 | 02,883,584 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT
[2009.11.12 03:02:08 | 00,065,536 | -HS- | C] () -- C:\Users\mnk\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2009.11.12 03:01:35 | 00,001,345 | ---- | C] () -- C:\Users\mnk\Desktop\Media Center.lnk
[2009.11.12 02:59:14 | 00,015,222 | ---- | C] () -- C:\Windows\SysNative\nbspkrs.ico
[2009.11.12 02:59:14 | 00,003,774 | ---- | C] () -- C:\Windows\SysNative\bltinmic.ico
[2009.11.12 02:59:14 | 00,003,774 | ---- | C] () -- C:\Windows\SysNative\2hps.ico
[2009.11.12 02:58:43 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2009.11.12 02:58:03 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009.11.12 02:57:43 | 00,009,504 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 02:57:43 | 00,009,504 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.11.12 02:12:28 | 00,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2009.11.12 00:35:54 | 00,004,478 | ---- | C] () -- C:\Users\mnk\Desktop\Windows-Kompatibilitätsbericht.htm
[2009.11.12 00:33:48 | 00,002,608 | ---- | C] () -- C:\Windows\diagwrn.xml
[2009.11.12 00:33:48 | 00,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2009.11.11 23:58:06 | 16,926,8602 | ---- | C] () -- C:\Users\mnk\Desktop\setup2.box
[2009.11.11 18:18:52 | 28,247,77272 | ---- | C] () -- C:\Users\mnk\Desktop\setup1.box
[2009.11.10 14:51:55 | 00,077,847 | ---- | C] () -- C:\Users\mnk\Desktop\royal plo.JPG
[2009.11.04 01:31:08 | 00,001,603 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.lnk
[2009.11.02 19:24:52 | 00,021,022 | ---- | C] () -- C:\Users\mnk\kqoC0Z70rrb3jHkdWAdtPg.jpg
[2009.11.02 18:17:40 | 00,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Windows 7 Upgrade Advisor.lnk
[2009.10.10 15:33:02 | 00,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.10.10 15:32:06 | 00,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.07.18 17:40:42 | 00,290,816 | ---- | C] () -- C:\Windows\SysWow64\decdll.dll
[2009.07.14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.08 17:11:16 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.07.08 17:11:16 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.07.08 17:11:16 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.05.07 22:23:35 | 00,144,144 | ---- | C] () -- C:\Windows\SysWow64\MASE32.DLL
[2009.05.07 22:23:32 | 00,201,488 | ---- | C] () -- C:\Windows\SysWow64\MACD32.DLL
[2009.05.07 22:23:32 | 00,141,584 | ---- | C] () -- C:\Windows\SysWow64\MAMC32.DLL
[2009.05.07 22:23:32 | 00,063,248 | ---- | C] () -- C:\Windows\SysWow64\MASD32.DLL
[2009.05.07 22:23:32 | 00,033,040 | ---- | C] () -- C:\Windows\SysWow64\MA32.DLL
[2009.05.05 16:41:50 | 00,000,174 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009.05.05 16:36:47 | 00,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbkutil.dll
[2009.05.05 16:36:47 | 00,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBKinst.dll
[2008.03.07 16:43:56 | 00,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.03.07 13:47:30 | 00,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
 
========== LOP Check ==========
 
[2009.11.26 21:18:57 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\BitDefender
[2009.11.22 23:22:22 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\CasinoOnNet
[2009.11.12 03:31:02 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\funkitron
[2009.11.12 03:31:02 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Gaijin Ent
[2009.11.12 03:31:02 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\GetRightToGo
[2009.11.12 03:31:04 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\ICQ
[2009.11.27 23:33:19 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\IrfanView
[2009.11.12 03:31:11 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\MAGIX
[2009.11.12 03:31:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Nokia
[2009.11.12 03:31:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Nokia Multimedia Player
[2009.11.12 03:31:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\NSeries
[2009.11.12 03:32:12 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\PacificPoker
[2009.11.12 03:32:13 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\PC Suite
[2009.11.12 03:32:13 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\PlayFirst
[2009.11.12 03:32:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\SPORE Creature Creator
[2009.11.12 03:32:18 | 00,000,000 | ---D | M] -- C:\Users\mnk\AppData\Roaming\Vodafone
[2009.07.14 06:08:49 | 00,013,230 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 64 bytes -> C:\Users\mnk\Documents\Xavier Naidoo Piano cover (Instrumental) by Elton Richardson.mp3:TOC.WMV
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:8CEFE51A
< End of report >

jomos · 29.11.2009, 22:24

Extras.txt Teil 1

Code:

ATTFilter

OTL Extras logfile created on: 29.11.2009 22:08:22 - Run 3
OTL by OldTimer - Version 3.1.11.0     Folder = C:\Users\mnk\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,97 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 46,82% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285,50 Gb Total Space | 137,32 Gb Free Space | 48,10% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 116,30 Gb Free Space | 39,02% Space Free | Partition Type: NTFS
Drive E: | 12,58 Gb Total Space | 11,93 Gb Free Space | 94,79% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 59,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: MNK-LAPTOP
Current User Name: mnk
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\system32\ieframe.DLL (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found

jomos · 29.11.2009, 22:25

Extras.txt Teil 2

Code:

ATTFilter

txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = ANYCOM Bluetooth Software 6.0.1.6300
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{191C1158-D287-4074-B749-D4CDD321E062}" = ProtectSmart Hard Drive Protection
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{5B45350C-36B7-41C6-BF80-3E4B1B760171}" = BitDefender Antivirus 2010
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}" = HP MediaSmart SmartMenu
"{DDC742CC-2382-4E49-8B59-A6EC368F94D4}" = PC Connectivity Solution 64-bit components
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"B30ECD0209A21D638611F893829C8AF3A483A302" = Windows Driver Package - ENE (enecir) HIDClass  (04/29/2008 2.5.0.0)
"Lexmark X1100 Series" = Lexmark X1100 Series
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}" = HP User Guides 0129
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30D3B7BC-5798-45D9-822D-05CA18F39E99}" = HPTCSSetup
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6094AB91-4CC8-498E-9DFF-134CC0B159DE}" = PC Connectivity Solution
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{631A0B87-B0B7-4B47-00A2-119A4B942EB6}" = Clive Barker's Undying(tm)
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

jomos · 29.11.2009, 22:26

Extras.txt Teil 3

Code:

ATTFilter

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B53F4598-B3D9-41DF-911E-523FA91EE464}" = Nokia Software Launcher
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A1E737-0347-4B8A-B1A8-1D4624C3C45A}" = ActivePerl 5.8.8 Build 820
"{B823632F-3B72-4514-8861-B961CE263224}" = PostgreSQL 8.3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1932E56-8A95-40E0-A15B-E06B45969845}" = Nokia NSeries System Utilities
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access
"{F722E488-A5B5-47ff-AA9B-4DE6CE7914CA}" = Windows 7 Upgrade Advisor
"{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier
"{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}" = Vodafone Mobile Connect Lite Huawei
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player
"{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"Burden of Time" = Burden of Time
"Casino-On-Net" = Casino-On-Net
"Celestia_is1" = Celestia 1.5.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ERUNT_is1" = ERUNT 1.1j
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free Video Converter_is1" = Free Video Converter V 2.1
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImTOO DVD to MP4 Converter" = ImTOO DVD to MP4 Converter
"ImTOO MP4 Video Converter" = ImTOO MP4 Video Converter
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"iPod Video Converter" = iPod Video Converter 4.00
"IrfanView" = IrfanView (remove only)
"MAGIX Foto Manager 8 D" = MAGIX Foto Manager 8 6.0.1.457 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.6
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"MAGIX Xtreme Web Designer 5 D" = MAGIX Xtreme Web Designer 5 5.0.1.8579 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15)
"Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.5.3.255 (D)
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"NIS" = Norton Internet Security
"Pacific Poker" = Pacific Poker
"PokerStars" = PokerStars
"PokerTracker3" = PokerTracker 3 (remove only)
"PostgreSQL 8.4" = PostgreSQL 8.4
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"South Park Rally" = South Park Rally
"Steam App 10" = Counter-Strike
"Steam App 20" = Team Fortress Classic
"Steam App 40" = Deathmatch Classic
"Uninstall_is1" = Uninstall 1.0.0.1
"Ventrilo" = Ventrilo
"VLC media player" = VLC media player 0.9.9
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Larusso · 29.11.2009, 22:35

Kurzer Hinweis

Infos zu Pokerspielen

Party Poker, PartyCasino, Ultimate Bet, EmpirePoker und andere Poker-Websites (Liste schädlicher Pokerseiten) beinhalten das Risiko, dass Du Dir beim Besuch der Seiten Malware auf den Rechner holst. In vielen Fällen werden ungefragt Plugins installiert, die weitere Parasiten "nachladen". Mir derzeit bekannte sichere Alternativen sind PokerStars und Pogo.com. Meine Empfehlung lautet, alle anderen über Systemsteuerung => Software zu deinstallieren.

Poste mir bitte eine HJT Logfile und berichte wie der Rechner läuft

jomos · 30.11.2009, 14:16

CPU Auslastung ist immernoch auf Minimum 60%.

HJT:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:57:46, on 21.11.2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
C:\PROGRA~2\PACIFI~1\bin\poker.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
D:\Games\Steam\Steam.exe
C:\Users\mnk\AppData\Local\Temp\b.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PMCLoader] C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
O4 - HKCU\..\Run: [Steam] "D:\Games\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MailBlocker] C:\Users\mnk\AppData\Local\Temp\b.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-2710611542-2163317767-2748685683-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2710611542-2163317767-2748685683-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix: 
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{626B04DE-9ED7-4C74-927B-52074EF3906C}: NameServer = 139.7.30.125 139.7.30.126
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate1c9cddcfc110e0) (gupdate1c9cddcfc110e0) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15916 bytes

Larusso · 30.11.2009, 14:26

Ich brauche eine neue HJT Logfile

Scan saved at 14:57:46, on 21.11.2009

jomos · 30.11.2009, 16:34

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:33:41, on 30.11.2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\BitDefender\BitDefender 2010\antispam32\bdimguiaux.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\IPSBHO.DLL
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\coIEPlg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files (x86)\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PMCLoader] C:\Program Files (x86)\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks
O4 - HKCU\..\Run: [Steam] "D:\Games\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-2710611542-2163317767-2748685683-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2710611542-2163317767-2748685683-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie.htm
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ANYCOM\Bluetooth-USB\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix: 
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{626B04DE-9ED7-4C74-927B-52074EF3906C}: NameServer = 139.7.30.125 139.7.30.126
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate1c9cddcfc110e0) (gupdate1c9cddcfc110e0) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files (x86)/PostgreSQL2/8.4/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21bd21dd0a38d98e\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UPnPService - Magix AG - C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17189 bytes

30.11.2009, 14:26	#44
Larusso /// Selecta Jahrusso	CPU Auslastung immer über 50% Ich brauche eine neue HJT Logfile Scan saved at 14:57:46, on 21.11.2009 __________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie

CPU Auslastung immer über 50%

Plagegeister aller Art und deren Bekämpfung: CPU Auslastung immer über 50%